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AMENDMENT TO THE CLAIMS 



1 1 . (Currently Amended) A method of evaluating fraud risk of an electronic commerce 

2 transaction, the method comprising the computer-implemented steps of: 

3 receiving transaction data that defines the electronic commerce transaction; 

4 determining a first fraud risk score value associated with the electronic commerce 

5 transaction based on applying a plurality of tests to the transaction data, wherein 

6 each of the plurality of tests determines whether the transaction data appears to 

7 represent a genuine transaction based on specified criteria; 

8 determining a second fraud risk score value associated with the electronic commerce 

9 transaction based on a comparison of the transaction data to historical transaction 

10 data; 

1 1 combining the first fraud risk score value and the second fraud risk score value using a 

12 statistical model to result in creating a model score value; 

13 blending the model score value with one or more merchant-specific threshold values to 

14 result in creating and storing a final fraud risk score value for the electronic 

15 commerce transaction; 

16 wherein receiving transaction data comprises the steps of receiving transaction data that 

17 defines the electronic commerce transaction for a particular Internet identity, and 

18 wherein determining a second fraud risk score value comprises the steps of 

19 determining a second fraud risk score value associated with the electronic 

20 commerce transaction based on a comparison of the transaction data to historical 

21 transaction data for other electronic commerce transactions pertaining to the same 

22 Internet identity; 

23 wherein the particular Internet identity comprises a first hash value of an email address of 

24 a prospective purchaser carried in combination with a second hash value of a card 

25 bank identification number of the prospective purchaser . 

1 2. (Canceled) 
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1 3. (Canceled) 

1 4. (Currently amended) A method as recited in Claim 21, wherein the particular Internet 

2 identity comprises a first hash value of an email address of a prospective purchaser 

3 carried in combination with a second hash value of a card bank identification number of 

4 the prospective purchaser and with a third hash value based on a shipping address of the 

5 prospective purchaser. 

1 5. (Currently amended) A method as recited in Claim 21, wherein the particular Internet 

2 identity comprises a first hash value of an prospective purchaser's host IP address, in 

3 combination with a second hash value of an email address of a prospective purchaser 

4 carried, in combination with a third hash value of a card bank identification number of the 

5 prospective purchaser and a fourth hash value based on a shipping address of the 

6 prospective purchaser. 

1 6. (Currently amended) A method as recited in Claim 21, wherein the particular Internet 

2 identity comprises a first hash value of a prospective purchaser's hardware device ID 

3 value, in combination with a second hash value of either the email address or user ID of 

4 the prospective purchaser, in combination with a third hash value of a card bank 

5 identification number of the prospective purchaser and with a fourth hash value based on 

6 a shipping address of the prospective purchaser. 

1 7. (Previously presented) A method as recited in Claim 1, wherein the step of determining 

2 the second fraud risk score value comprises the steps of: 

3 retrieving one or more records of historic transaction data pertaining to past transactions 

4 associated with the transaction data; 

5 when one of the records of historic transaction data is found to contain a fraud list tag, 

6 discontinuing further retrieval of such records; 
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7 determining the second fraud risk score value associated with the electronic commerce 

8 transaction based on only the retrieved records of historical transaction data in 

9 comparison to the transaction data. 

1 8. (Previously presented) A method as recited in Claim 1 , wherein the step of determining 

2 the second fraud risk score value comprises the steps of: 

3 retrieving one or more records of historic transaction data pertaining to past electronic 

4 commerce transactions associated with the transaction data; 

5 when a specified amount of the records of historic transaction data is retrieved and further 

6 records of historic transaction data remain to be retrieved, discontinuing further 

7 retrieval of such records; 

8 determining the second fraud risk score value associated with the electronic commerce 

9 transaction based on only the retrieved records of historical transaction data in 
1 0 comparison to the transaction data. 

1 9. (Previously presented) The method as recited in Claim 1 , wherein the step of blending 

2 the model score value comprises the steps of blending the model score value with one or 

3 more merchant-specific threshold values to result in creating and storing a final fraud risk 

4 score value for the electronic commerce transaction and one or more return code values 

5 that signal specified risk issues that have been detected with respect to the transaction. 

1 10. (Previously presented) The method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests determines whether an 

5 Internet identity in the transaction data is found in a list of parties to known past 

6 fraudulent transactions. 
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1 11. (Previously presented) The method as recited in Claim 1 , wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests determines whether an 

5 Internet identity in the transaction data is found in a list of trusted parties. 

1 12. (Previously presented) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests comprises the steps of: 

5 receiving the text value; 

6 for each bi-gram in the text value, retrieving from a table of bi-gram probability values a 

7 probability value that represents a probability that the bi-gram is found in a 

8 genuine text value; 

9 generating a penalty value when the retrieved probability values indicate that the text 

10 value comprises a combination of bi-grams that are not likely to represent a 

1 1 genuine text value. 

1 13. (Previously presented) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, by the steps of: 

5 receiving the name value; 

6 for each bi-gram in the text value, retrieving from a table of bi-gram probability values a 

7 probability value that represents a probability that the bi-gram is found in a 

8 genuine name value, wherein the table of bi-gram probability values is created 

9 based on an actual frequency of occurrences of bi-grams in a large sample of 
10 genuine names; 
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1 1 generating a penalty value when the retrieved probability values indicate that the text 

12 value comprises a combination of bi-grams that are not likely to represent a 

1 3 genuine name value . 

1 14. (Previously presented) A method as recited in Claim 1 , wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests automatically determines 

5 whether a city value in the transaction data is within an area code value of the transaction 

6 data, by the steps of: 

7 receiving the city value and the area code value as part of the transaction data; 

8 determining a latitude value and a longitude value that represent a position of a city 

9 identified in the city value; 

10 determining a range of latitude values and a range of longitude values associated with an 

1 1 area code identified in the area code value; 

12 based on the latitude value, the longitude value, the range of latitude values, and the range 

13 of longitude values, determining whether the city identified in the city value is 

14 within the area code identified in the area code value; 

15 applying a penalty to the electronic commerce transaction when the city identified in the 

16 city value is not within the area code identified in the area code value. 

1 15. (Previously presented) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests automatically determines 

5 whether a city value in the transaction data is within an email domain of the transaction 

6 data, by the steps of: 

7 receiving the city value and an email address value as part of transaction data; 

8 determining a latitude value and a longitude value that represent a position of a city 

9 identified in the city value; 



6 



LEWIS, Sen No. 09/708,124, GAU 3624, Examiner Sandra S. Snapp 

REPLY TO OFFICE ACTION 

10 determining a range of latitude values and a range of longitude values associated with an 

1 1 email domain portion of the email address value; 

12 based on the latitude value, longitude value, the range of latitude values, and the range of 

13 longitude values, determining whether the city identified in the city value is 

14 within the email domain indicated in the email address value; 

15 applying a penalty to the electronic commerce transaction when the city identified in the 

16 city value is not within the area code identified in the area code value. 

1 16. (Currently Amended) A method as recited in Claim 4^15, further comprising the steps of 

2 creating and storing an email domain location table comprising a plurality of records that 

3 associate email domain values with city values associated with shipping addresses of past 

4 non-fraudulent transactions. 

1 1 7. (Currently Amended) The method as recited in Claim 4416, wherein determining 

2 whether the city identified in the city value is within the email domain comprises the 

3 steps of determining whether the city value is for a city that is outside the email domain 

4 as indicated by the records in the email domain location table. 

1 18. (Previously presented) A method as recited in Claim 1 , wherein determining the first 

2 fraud risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction data, wherein one of the plurality of tests automatically determines 

5 whether a country value in the transaction data is proximate to a bank referenced in a 

6 bank identification number of a credit card number in the transaction data, by the steps of: 

7 receiving the country value and a bank identification number of a credit card number as 

8 part of the transaction data; 

9 determining a relative distance between a country identified in the country value and a 

10 bank associated with the bank identification number; 

1 1 based on the relative distance between the country and the bank, determining whether the 

12 country is greater than a specified relative distance from the bank; 
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13 applying a penalty to the electronic commerce transaction when the country is greater 

14 than the specified relative distance from the bank. 

1 19. (Previously presented) A method as recited in Claim 18, further comprising the steps of 

2 creating and storing a bank location table comprising a plurality of records, wherein each 

3 record associates a bank identification number with a country value representing a 

4 country in which a headquarters of the bank is located. 

1 20. (Previously presented) A method as recited in Claim 19, further comprising the steps of 

2 creating and storing a bank location table comprising a plurality of records that associate 

3 bank identification numbers with country values associated with shipping addresses of 

4 past non-fraudulent transactions. 

1 21 . (Previously presented) The method as recited in Claim 20, wherein determining whether 

2 the country identified in the country value is greater than the specified relative distance 

3 from the bank comprises the steps of determining whether the country value is for a 

4 country that is greater than the specified relative distance from the bank as indicated by 

5 the records in the bank domain location table. 

1 22. (Currently amended) A method of determining evaluating fraud risk of an electronic 

2 commerce transaction, the method comprising the computer-implemented steps of: 

3 receiving transaction data that defines the electronic commerce transaction; 

4 determining a first fraud risk score value associated with the electronic commerce 

5 transaction based on applying a plurality of tests to the transaction data, wherein 

6 one of the plurality of tests includes at least: 

7 receiving the name value; 

8 for each bi-gram in the text value, retrieving from a table of bi-gram probability 

9 values a probability value that represents a probability that the bi-gram is 

10 found in a genuine name value, wherein the table of bi-gram probability 

1 1 values is created based on an actual frequency of occurrences of bi-grams 

12 in a large sample of genuine names; 



8 



LEWIS, Ser. No, 09/708,124, GAU 3624, Examiner Sandra S. Snapp 

REPLY TO OFFICE ACTION 

13 generating a penalty value when the retrieved probability values indicate that the 

14 text value comprises a combination of bi-grams that are not likely to 

1 5 represent a genuine name value ; and 

16 wherein receiving transaction data comprises the steps of receiving transaction data that 

17 defines the electronic commerce transaction for a particular Internet identity, and 

18 wherein determining a second fraud risk score value comprises the steps of 

19 determining a second fraud risk score value associated with the electronic 

20 commerce transaction based on a comparison of the transaction data to historical 

21 transaction data for other electronic commerce transactions pertaining to the same 

22 Internet identity; 

23 wherein the particular Internet identity comprises a first hash value of an email address of 

24 a prospective purchaser carried in combination with a second hash value of a card 

25 bank identification number of the prospective purchaser . 

1 23. (Canceled) 

1 24. (Currently amended) A computer-readable medium carrying one or more sequences of 

2 instructions for evaluating fraud risk of an electronic commerce transaction, which 

3 instructions, when executed by one or more processors, cause the one or more processors 

4 to carry out the steps of: 

5 receiving transaction information that defines the electronic commerce transaction; 

6 determining a first fraud risk score value associated with the electronic commerce 

7 transaction based on applying a plurality of tests to the transaction data, wherein 

8 each of the plurality of tests determines whether the transaction data appears to 

9 represent a genuine transaction based on specified criteria; 

10 determining a second fraud risk score value associated with the electronic transaction 

1 1 based on a comparison of the transaction information to historical transaction 

12 information; 

13 combining the first fraud risk score value and the second fraud risk score value using a 

14 statistical model to result in creating a model score value; 
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15 blending the model score value with one or more merchant-specific threshold values to 

16 result in creating and storing a final fraud risk score value for the electronic 

1 7 commerce transaction; 

18 wherein receiving transaction data comprises the steps of receiving transaction data that 

19 defines the electronic commerce transaction for a particular Internet identity, and 

20 wherein determining a second fraud risk score value comprises the steps of 

21 determining a second fraud risk score value associated with the electronic 

22 commerce transaction based on a comparison of the transaction data to historical 

23 transaction data for other electronic commerce transactions pertaining to the same 

24 Internet identity; 

25 wherein the particular Internet identity comprises a first hash value of an email address of 

26 a prospective purchaser carried in combination with a second hash value of a card 

27 bank identification number of the prospective purchaser . 

1 25. (Currently amended) An apparatus for evaluating fraud risk of an electronic commerce 

2 transaction, the apparatus comprising: 

3 means for receiving transaction data that defines the electronic commerce transaction; 

4 means for determining a first fraud risk score value associated with the electronic 

5 commerce transaction based on applying a plurality of tests to the transaction data, 

6 wherein each of the plurality of tests determines whether the transaction data 

7 appears to represent a genuine transaction based on specified criteria; 

8 means for determining a second fraud risk score value associated with the electronic 

9 commerce transaction based on a comparison of the transaction data to historical 

10 transaction data; 

1 1 means for combining the first fraud risk score value and the second fraud risk score value 

12 using a statistical model to result in creating a model score value; 

13 means for blending the model score value with one or more merchant-specific threshold 

14 values to result in creating and storing a final fraud risk score value for the 

15 electronic commerce transaction; 

16 wherein the means for receiving transaction data comprises means for receiving 

17 transaction data that defines the electronic commerce transaction for a particular 
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18 Internet identity, and wherein the means for determining a second fraud risk score 

19 value comprises means for determining a second fraud risk score value associated 

20 with the electronic commerce transaction based on a comparison of the transaction 

21 data to historical transaction data for other electronic commerce transactions 

22 pertaining to the same Internet identity; 

23 wherein the particular Internet identity comprises a first hash value of an email address of 

24 a prospective purchaser carried in combination with a second hash value of a card 

25 bank identification number of the prospective purchaser . 

1 26. (Currently amended) An apparatus for evaluating fraud risk of an electronic commerce 

2 transaction, comprising: 

3 a processor; 

4 a computer readable medium having one or more sequences of instructions stored thereon 

5 which, when executed by the processor, cause the processor to carry out the steps 

6 of: 

7 receiving transaction data that defines the electronic commerce transaction; 

8 determining a first fraud risk score value associated with the electronic commerce 

9 transaction based on applying a plurality of tests to the transaction data, 

1 0 wherein each of the plurality of tests determines whether the transaction 

1 1 data appears to represent a genuine transaction based on specified criteria; 

12 determining a second fraud risk score value associated with the electronic 

13 commerce transaction based on a comparison of the transaction data to 

1 4 historical transaction data; 

15 combining the first fraud risk score value and the second fraud risk score value 

16 using a statistical model to result in creating a model score value; 

17 blending the model score value with one or more merchant-specific threshold 

1 8 values to result in creating and storing a final fraud risk score value for the 

1 9 electronic commerce transaction 

20 wherein receiving transaction data comprises the steps of receiving transaction 

21 data that defines the electronic commerce transaction for a particular 

22 Internet identity, and wherein determining a second fraud risk score value 



11 



LEWIS, Ser. No. 09/708,124, GAU 3624, Examiner Sandra S. Snapp 

REPLY TO OFFICE ACTION 

23 comprises the steps of determining a second fraud risk score value 

24 associated with the electronic commerce transaction based on a 

25 comparison of the transaction data to historical transaction data for other 

26 electronic commerce transactions pertaining to the same Internet identity; 

27 wherein the particular Internet identity comprises a first hash value of an email 

28 address of a prospective purchaser carried in combination with a second 

29 hash value of a card bank identification number of the prospective 

30 purchaser . 

1 27. (Canceled) 

1 28. (Previously presented) A method as recited in claim 1 , wherein: 

2 receiving the transaction data is performed by a first apparatus that is linked to a second 

3 apparatus by a network; and 

4 blending the model score value is performed by the second apparatus. 
1 29. (Canceled) 

1 30. (Currently amended) A computer-readable medium carrying one or more sequences of 

2 instructions for evaluating fraud risk of an electronic commerce transaction, when 

3 executed by one or more processors, the computer readable medium comprising: 

4 memory carrying one or more instructions that cause the one or more processors to carry 

5 out the step of receiving transaction information that defines the electronic 

6 commerce transaction; 

7 memory carrying one or more instructions that cause the one or more processors to carry 

8 out the step of determining a first fraud risk score value associated with the 

9 electronic commerce transaction based on applying a plurality of tests to the 

1 0 transaction information, wherein each of the plurality of tests determines whether 

1 1 the transaction information appears to represent a genuine transaction based on 

12 specified criteria; 
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13 memory carrying instructions one or more instructions that cause the one or more 

14 processors to carry out the step of determining a second fraud risk score value 

15 associated with the electronic transaction based on a comparison of the transaction 

16 information to historical transaction information; 

17 memory carrying instructions one or more instructions that cause the one or more 

18 processors to carry out the step of combining the first fraud risk score value and 

19 the second fraud risk score value using a statistical model to result in creating a 

20 model score value; and 

21 memory carrying instructions one or more instructions that cause the one or more 

22 processors to carry out the step of blending the model score value with one or 

23 more merchant-specific threshold values to result in creating and storing a final 

24 fraud risk score value for the electronic commerce transaction; 

25 wherein the instructions that cause receiving transaction data comprises instructions that 

26 cause receiving transaction data that defines the electronic commerce transaction 

27 for a particular Internet identity, and wherein the instructions that cause 

28 determining a second fraud risk score value comprise instructions that cause 

29 determining a second fraud risk score value associated with the electronic 

30 commerce transaction based on a comparison of the transaction data to historical 

31 transaction data for other electronic commerce transactions pertaining to the same 

32 Internet identity; 

33 wherein the particular Internet identity comprises a first hash value of an email address of 

34 a prospective purchaser carried in combination with a second hash value of a card 

35 bank identification number of the prospective purchaser . 
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